PT-2025-22471 · Blackberry +1 · Qnx +2

Published

2025-05-22

Updated

2025-07-29

CVE-2025-3944

Report an issue

CVSS v3.1

9.8

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions:

Tridium Niagara Framework versions prior to 4.14.2, prior to 4.15.1, prior to 4.10.11

Tridium Niagara Enterprise Security versions prior to 4.14.2, prior to 4.15.1, prior to 4.10.11

Description:

The issue affects Tridium Niagara Framework and Tridium Niagara Enterprise Security on QNX, allowing file manipulation due to incorrect permission assignment for critical resources.

Recommendations:

For Tridium Niagara Framework versions prior to 4.14.2, upgrade to version 4.14.2u2.

For Tridium Niagara Framework versions prior to 4.15.1, upgrade to version 4.15.u1.

For Tridium Niagara Framework versions prior to 4.10.11, upgrade to version 4.10u.11.

For Tridium Niagara Enterprise Security versions prior to 4.14.2, upgrade to version 4.14.2u2.

For Tridium Niagara Enterprise Security versions prior to 4.15.1, upgrade to version 4.15.u1.

For Tridium Niagara Enterprise Security versions prior to 4.10.11, upgrade to version 4.10u.11.

Fix

Incorrect Permission

Weakness Enumeration

CWE-732

Related Identifiers

BDU:2025-09135

CVE-2025-3944

Affected Products

Qnx

Tridium Niagara Enterprise Security

Tridium Niagara Ax Framework

PT-2025-22471 · Blackberry +1 · Qnx +2

Weakness Enumeration

Related Identifiers

Affected Products

References · 11